HIPAA Alert: The 10 Most Common HIPAA Violations
Ever wonder what the 10 most common HIPAA violations are in the health care industry?
Snooping on health care records and lack of a risk management process top the list.
Here is a list of the top 10 HIPAA violations:
- Snooping on health care records: Accessing the health care records of family, friends, neighbors, coworkers and celebrities without a need to know or a signed authorization is one of the most common HIPAA violations committed by employees.
- Failure to perform an organizationwide risk analysis: If the risk analysis is not performed regularly, organizations will not be able to determine whether any vulnerabilities to the confidentiality, integrity and availability of Protected Health Information exist.
- Failure to manage security risks/lack of a risk management process: Risks that are identified during risk analysis must be subjected to a risk management process.
- Failure to enter into a HIPAA-Compliant Business Associate Agreement.
- Insufficient ePHI access controls: The HIPAA Security Rule requires covered entities and their business associates to limit access to ePHI to authorized individuals.
- Failure to use encryption or an equivalent measure to safeguard ePHI on portable devices.
- Exceeding the 60-day deadline for issuing breach notifications.
- Impermissible disclosures of protected health information: This violation category includes disclosing PHI to a patient’s employer, potential disclosures following the theft or loss of unencrypted laptop computers, careless handling of PHI, disclosing PHI without a need, not disclosing the “minimum necessary” and disclosures of PHI after patient authorizations have expired.
- Improper disposal of PHI.
- Denying patients access to health records.
If you have any questions about how Methodist handles HIPAA privacy, please contact HIPAA Privacy Officer Zorana Vojnovic at (402) 354-6863 or firstname.lastname@example.org.